Ready to get started?

Learn more about the CData ADO.NET Provider for Active Directory or download a free trial:

Download Now

Automate Active Directory Integration Tasks from PowerShell

Are you looking for a quick and easy way to access Active Directory data from PowerShell? We show how to use the Cmdlets for Active Directory and the CData ADO.NET Provider for Active Directory to connect to Active Directory data and synchronize, automate, download, and more.

The CData Cmdlets for Active Directory are standard PowerShell cmdlets that make it easy to accomplish data cleansing, normalization, backup, and other integration tasks by enabling real-time and bidirectional access to Active Directory.

Cmdlets or ADO.NET?

The cmdlets are not only a PowerShell interface to the Active Directory API, but also an SQL interface; this tutorial shows how to use both to create, retrieve, update, and delete Active Directory data. We also show examples of the ADO.NET equivalent, which is possible with the CData ADO.NET Provider for Active Directory. To access Active Directory data from other .NET applications, like LINQPad, use the CData ADO.NET Provider for Active Directory.

After obtaining the needed connection properties, accessing Active Directory data in PowerShell consists of three basic steps.

To establish a connection, set the following properties:

  • Valid User and Password credentials (e.g., Domain\BobF or cn=Bob F,ou=Employees,dc=Domain).
  • Server information, including the IP or host name of the Server, as well as the Port.
  • BaseDN: This will limit the scope of LDAP searches to the height of the distinguished name provided.

    Note: Specifying a narrow BaseDN may greatly increase performance; for example, cn=users,dc=domain will only return results contained within cn=users and its children.

PowerShell

  1. Install the module:

    Install-Module ActiveDirectoryCmdlets
  2. Connect:

    $activedirectory = Connect-AD -User "$User" -Password "$Password" -Server "$Server" -Port "$Port"
  3. Search for and retrieve data:

    $cn = "Administrator" $user = Select-AD -Connection $activedirectory -Table "User" -Where "CN = `'$CN`'" $user

    You can also use the Invoke-AD cmdlet to execute SQL commands:

    $user = Invoke-AD -Connection $activedirectory -Query 'SELECT * FROM User WHERE CN = @CN' -Params @{'@CN'='Administrator'}

ADO.NET

  1. Load the provider's assembly:

    [Reflection.Assembly]::LoadFile("C:\Program Files\CData\CData ADO.NET Provider for Active Directory\lib\System.Data.CData.ActiveDirectory.dll")
  2. Connect to Active Directory:

    $conn= New-Object System.Data.CData.ActiveDirectory.ActiveDirectoryConnection("User=cn=Bob F,ou=Employees,dc=Domain;Password=bob123;Server=10.0.1.2;Port=389;") $conn.Open()
  3. Instantiate the ActiveDirectoryDataAdapter, execute an SQL query, and output the results:

    $sql="SELECT Id, LogonCount from User" $da= New-Object System.Data.CData.ActiveDirectory.ActiveDirectoryDataAdapter($sql, $conn) $dt= New-Object System.Data.DataTable $da.Fill($dt) $dt.Rows | foreach { Write-Host $_.id $_.logoncount }

Update Active Directory Data

PowerShell

Update-AD -Connection $ActiveDirectory -Columns @('Id','LogonCount') -Values @('MyId', 'MyLogonCount') -Table User -Id "MyId"

ADO.NET

$cmd = New-Object System.Data.CData.ActiveDirectory.ActiveDirectoryCommand("UPDATE User SET CN='Administrator' WHERE Id = @myId", $conn) $cmd.Parameters.Add(new System.Data.CData.ActiveDirectory.ActiveDirectoryParameter("@myId","10456255-0015501366")) $cmd.ExecuteNonQuery()

Insert Active Directory Data

PowerShell

Add-AD -Connection $ActiveDirectory -Table User -Columns @("Id", "LogonCount") -Values @("MyId", "MyLogonCount")

ADO.NET

$cmd = New-Object System.Data.CData.ActiveDirectory.ActiveDirectoryCommand("INSERT INTO User (CN) VALUES (@myCN)", $conn) $cmd.Parameters.Add(new System.Data.CData.ActiveDirectory.ActiveDirectoryParameter("@myCN","Administrator")) $cmd.ExecuteNonQuery()

Delete Active Directory Data

PowerShell

Remove-AD -Connection $ActiveDirectory -Table "User" -Id "MyId"

ADO.NET

$cmd = New-Object System.Data.CData.ActiveDirectory.ActiveDirectoryCommand("DELETE FROM User WHERE Id=@myId", $conn) $cmd.Parameters.Add(new System.Data.CData.ActiveDirectory.ActiveDirectoryParameter("@myId","001d000000YBRseAAH")) $cmd.ExecuteNonQuery()